overmind
/
matrix-docker-ansible-deploy
şunun yansıması https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Çatalla 0
Kod Konular 0 Sürümler 0 Wiki Aktivite
Kaynağa Gözat

Rework `client_body_buffer_size`/`client_max_body_size` and `proxy_max_temp_file_size` configuration for `matrix-synapse-reverse-proxy-companion` 

Until now, most sections were specifying their own values for these.
For `client_max_body_size`, a value of 25MB was hardcoded in most places.

This was generally OK, but..
Some sections (those generated by the `render_locations_to_upstream` macro), were not specifying these options
and were ending up with a default value for configuration options for `client_max_body_size` (likely 1MB), etc.

From now on:

- we use individual variables for defining these for the Client-Server
  and Federation API and apply these once at the `server` level

- we keep auto-determining the `client_max_body_size` for the
  Client-Server API based on `matrix_synapse_max_upload_size_mb`

- we keep auto-calculating the `client_max_body_size` for the Federation
  API based on the one for the Client API, but now also add a "minimum"
  value (`matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum: 100`)
  to ensure we don't go too low

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4100
pull/4122/head
Slavi Pantaleev 1 yıl önce
ebeveyn
771fd4e58c
işleme
10fabc32bc
2 değiştirilmiş dosya ile 26 ekleme ve 36 silme
Görünümü Böl
Diff Seçenekleri
İstatistikleri Göster Yama Dosyasını İndir Diff Dosyasını İndir
  1. +14
    -2
      roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
  2. +12
    -34
      roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2

+ 14
- 2
roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml Dosyayı Görüntüle

@@ -203,14 +203,26 @@ matrix_synapse_reverse_proxy_companion_hostname: "matrix-synapse-reverse-proxy-c

# matrix_synapse_reverse_proxy_companion_client_api_addr specifies the address where the Client-Server API is
matrix_synapse_reverse_proxy_companion_client_api_addr: 'matrix-synapse:{{ matrix_synapse_container_client_api_port }}'

# The maximum body size for client requests to any of the endpoints on the Client-Server API.
# This needs to be equal or higher than the maximum upload size accepted by Synapse.
matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb: 50
matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb: 100

# The buffer size for client requests to any of the endpoints on the Client-Server API.
matrix_synapse_reverse_proxy_companion_client_api_client_body_buffer_size_mb: "{{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}"

# matrix_synapse_reverse_proxy_companion_federation_api_enabled specifies whether reverse proxying for the Federation (Server-Server) API should be done
matrix_synapse_reverse_proxy_companion_federation_api_enabled: true
# matrix_synapse_reverse_proxy_companion_federation_api_addr specifies the address where the Federation (Server-Server) API is
matrix_synapse_reverse_proxy_companion_federation_api_addr: 'matrix-synapse:{{ matrix_synapse_container_federation_api_plain_port }}'
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb: "{{ (matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb | int) * 3 }}"

# The maximum body size for client requests to any of the endpoints on the Federation API.
# We auto-calculate this based on the Client-Server API's maximum body size, but use a minimum value to ensure we don't go to low.
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb: "{{ [matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum, (matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb | int) * 3] | max }}"
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum: 100

# The buffer size for client requests to any of the endpoints on the Federation API.
matrix_synapse_reverse_proxy_companion_federation_api_client_body_buffer_size_mb: "{{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}"

# A list of strings containing additional configuration blocks to add to the nginx vhost handling the Synapse Client-Server API
matrix_synapse_reverse_proxy_companion_synapse_client_api_additional_server_configuration_blocks: []


+ 12
- 34
roles/custom/matrix-synapse-reverse-proxy-companion/templates/nginx/conf.d/matrix-synapse-reverse-proxy-companion.conf.j2 Dosyayı Görüntüle

@@ -91,6 +91,12 @@ server {
server_tokens off;
root /dev/null;

client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
client_body_buffer_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_body_buffer_size_mb }}M;

proxy_buffering on;
proxy_max_temp_file_size 0;

{% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %}
# Client-server overrides — These locations must go to the main Synapse process
location ~ {{ matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex }} {
@@ -101,10 +107,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}

# Client-server SSO overrides — These locations must go to the main Synapse process
@@ -116,10 +118,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}

# QR code login (`rendezvous`) locations need to go to the same Synapse process.
@@ -133,10 +131,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}

{# Workers redirects BEGIN #}
@@ -199,12 +193,7 @@ server {
proxy_pass http://media_repository_workers_upstream$request_uri;
proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;

{% if matrix_synapse_reverse_proxy_companion_synapse_cache_enabled %}
proxy_buffering on;
proxy_cache {{ matrix_synapse_reverse_proxy_companion_synapse_cache_keys_zone_name }};
proxy_cache_valid any {{ matrix_synapse_reverse_proxy_companion_synapse_cache_proxy_cache_valid_time }};
proxy_force_ranges on;
@@ -233,10 +222,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}
}

@@ -246,9 +231,14 @@ server {
server_name {{ matrix_synapse_reverse_proxy_companion_hostname }};

server_tokens off;

root /dev/null;

client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
client_body_buffer_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_body_buffer_size_mb }}M;

proxy_buffering on;
proxy_max_temp_file_size 0;

{% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %}
# Federation overrides — These locations must go to the main Synapse process
location ~ {{ matrix_synapse_reverse_proxy_companion_federation_override_locations_regex }} {
@@ -259,10 +249,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}

{% if room_workers | length > 0 %}
@@ -282,10 +268,6 @@ server {
proxy_pass http://media_repository_workers_upstream$request_uri;
proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;

{% if matrix_synapse_reverse_proxy_companion_synapse_cache_enabled %}
proxy_buffering on;
proxy_cache {{ matrix_synapse_reverse_proxy_companion_synapse_cache_keys_zone_name }};
@@ -323,10 +305,6 @@ server {
proxy_pass http://$backend;

proxy_set_header Host $host;

client_body_buffer_size 25M;
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
proxy_max_temp_file_size 0;
}
}
{% endif %}

Yaz Önizleme
Yükleniyor…
İptal
Kaydet